nvd-json-data-feeds/CVE-2024/CVE-2024-437xx/CVE-2024-43764.json

{
  "id": "CVE-2024-43764",
  "sourceIdentifier": "security@android.com",
  "published": "2025-01-03T01:15:07.760",
  "lastModified": "2025-01-03T22:15:07.783",
  "vulnStatus": "Awaiting Analysis",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In onPrimaryClipChanged of ClipboardListener.java, there is a possible way to partially bypass lock screen. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."
    },
    {
      "lang": "es",
      "value": "En onPrimaryClipChanged de ClipboardListener.java, existe una forma posible de omitir parcialmente la pantalla de bloqueo. Esto podr\u00eda provocar una escalada local de privilegios sin necesidad de privilegios de ejecuci\u00f3n adicionales. No se necesita la interacci\u00f3n del usuario para la explotaci\u00f3n."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "attackVector": "LOCAL",
          "attackComplexity": "LOW",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "availabilityImpact": "HIGH"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9
      }
    ]
  },
  "references": [
    {
      "url": "https://android.googlesource.com/platform/frameworks/base/+/70eb75df7d342429c3ee225feb7c011df727442f",
      "source": "security@android.com"
    },
    {
      "url": "https://source.android.com/security/bulletin/2024-12-01",
      "source": "security@android.com"
    }
  ]
}